This invention relates generally to limited access systems employing password entry to limit access to authorized personnel and more particularly to those systems where the password can be obtained by unauthorized personnel by observing or otherwise monitoring password entry.
The growing use of electronic keypads to replace traditional, mechanical lock and key systems provides added convenience for access to homes, cars, offices and the like. However, the security of many of these systems can be compromised. For example, most systems use a password or entry code to limit access and, in many situations, an unauthorized person may learn the password by watching and recording the entry of the password by an authorized person. The system is then vulnerable until the password can be changed requiring the users to learn new and often multiple passwords. Security doors in open and populated areas (e.g. airports, businesses, and military facilities) are particularly vulnerable.
Methods other than password entry exist and some use personal identification methods to determine authorized user access. For example, systems such as retinal or finger print scanning and the like provide a high degree of security, but are often more costly and less convenient than a password entry system. Particularly when authorized personal are denied access.
Computer systems also use password entry to maintain security and, in addition to direct observation of the user keystrokes, are vulnerable to password disclosure in at least two ways. Firstly, in the case where a remote terminal and modem are used to communicate with a main computer, the communication line can be monitored and the characters entered by the user recorded to determine the password. This is particularly important when remote terminals are used for financial transactions since substantial monetary loss could be incurred by unauthorized access to the system. Secondly, the keystrokes of the user could be monitored with an unauthorized software program to determine the password as in the case of a computer network such as a LAN (Local Area Network).
What is desired is a password entry method where the password is not directly input by the user or transmitted by the remote terminal. This method should employ a convenient algorithm for password entry and when used in conjunction with a user input and display device would not disclose the user password by any of the aforementioned monitoring techniques.